mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
184 lines
6.1 KiB
JSON
184 lines
6.1 KiB
JSON
{
|
|
"id": "CVE-2011-1953",
|
|
"sourceIdentifier": "secalert@redhat.com",
|
|
"published": "2011-06-06T19:55:02.550",
|
|
"lastModified": "2024-11-21T01:27:22.680",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Multiple cross-site scripting (XSS) vulnerabilities in common.php in Post Revolution before 0.8.0c-2 allow remote attackers to inject arbitrary web script or HTML via an attribute of a (1) P, a (2) STRONG, a (3) A, a (4) EM, a (5) I, a (6) IMG, a (7) LI, an (8) OL, a (9) VIDEO, or a (10) BLOCKQUOTE element."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "M\u00faltiples vulnerabilidades de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en common.php en Post Revolution v0.8.0c-2, permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de un atributo de (1) P, (2) STRONG, (3) A (4) EM (5) I (6) IMG (7) LI(8) OL(9) VIDEO o (10)un elemento BLOCKQUOTE."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
|
"baseScore": 4.3,
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "MEDIUM",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "NONE"
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 8.6,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": true
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-79"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:postrev:post_revolution:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "0.8.0c",
|
|
"matchCriteriaId": "2C67C01B-F7E8-44E0-9739-3C4200C7B23B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:postrev:post_revolution:0.6.2:beta:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C9A721BF-DFD7-4F66-A5DF-53C69647E75A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:postrev:post_revolution:0.6.3:beta:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A460C783-0922-48CD-831D-43BC5FA177B8"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:postrev:post_revolution:0.6.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2B6C9114-F48B-42B5-886C-ACD57C4DAD55"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:postrev:post_revolution:0.6.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B185A73E-AD6A-42CE-816F-0EC280BC6DF4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:postrev:post_revolution:0.6.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "412E1018-BF17-42A0-9027-46DD8CEF5383"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:postrev:post_revolution:0.7.0:rc1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8EC294CE-0BE0-4EE2-891C-52A98B8C241A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:postrev:post_revolution:0.7.0:rc2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F76CA836-C63A-4DCC-A265-0A7A9A82C2B7"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:postrev:post_revolution:0.7.0:rc3:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8EDE637C-7D0F-4037-9E45-77886316CEED"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:postrev:post_revolution:0.7.0:rc4:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5D5BD6F4-DC7E-47AE-8E24-155C4E2F6B10"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:postrev:post_revolution:0.8.0:alpha:*:*:*:*:*:*",
|
|
"matchCriteriaId": "966BA6A4-5E70-4AB5-9F26-D56D4EADDA49"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:postrev:post_revolution:0.8.0b:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CF533C04-2042-459A-B0B2-6D5E6E0195B8"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://javierb.com.ar/2011/06/01/postrev-vunls/",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Exploit"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://postrev.com.ar/verpost.php?id_noticia=59",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://securityreason.com/securityalert/8270",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/archive/1/518205/100/0/threaded",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/47967",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://javierb.com.ar/2011/06/01/postrev-vunls/",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Exploit"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://postrev.com.ar/verpost.php?id_noticia=59",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://securityreason.com/securityalert/8270",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/archive/1/518205/100/0/threaded",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/47967",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
}
|
|
]
|
|
} |